Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014

Dec 26, 2015


Edward Richards

Privacy in Networking Advanced Network Security

Peter Reiher

August, 2014


Outline

• What do we mean by privacy?

• Privacy in networks

• Traffic analysis and onion routing


What Is Privacy?

• The ability to keep certain information secret

• Usually one’s own information

• But also information that is “in your custody”

• Includes ongoing information about what you’re doing


Privacy and Our Network Operations

• Lots of stuff goes on over the Internet

– Banking and other commerce

– Health care

– Romance and sex

– Family issues

– Personal identity information

• We used to regard this stuff as private

– Is it private any more?


Threat to Computer Privacy

• Cleartext transmission of data

• Poor security allows remote users to access our data

• Sites we visit save information on us

– Multiple sites can combine information

• Governmental snooping

• Location privacy

• Insider threats in various places


Network Privacy

• Mostly issues of preserving privacy of data flowing through network

• Start with encryption

– With good encryption, data values not readable

• So what’s the problem?


Traffic Analysis Problems

• Sometimes desirable to hide that you’re talking to someone else

• That can be deduced even if the data itself cannot

• How can you hide that?

– In the Internet of today?


A Cautionary Example

• VoIP traffic is commonly encrypted

• Researchers recently showed that they could understand what was being said

– Despite the encryption

– Without breaking the encryption

– Without obtaining the key


How Did They Do That?

• Lots of sophisticated data analysis based on understanding human speech

– And how the application worked

• In essence, use size of encrypted packets and interarrival time

– With enough analysis, got conversation about half right
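
An added example (not from the lecture) that measures what packet sizes and interarrival times still reveal after encryption, and what padding and fixed-clock sending remove. The sample flows, the 28-byte overhead and the function names are assumptions made up for illustration.

```python
OVERHEAD = 28  # assumed fixed bytes added per packet by encryption (nonce + tag)

# Constructed samples: (plaintext frame sizes in bytes, gaps between packets in ms).
CALLS = {
    "utterance A": ([22, 41, 38, 19, 45, 30], [20, 20, 40, 20, 60, 20]),
    "utterance B": ([35, 20, 24, 44, 21, 39], [20, 20, 40, 20, 60, 20]),
    "utterance C": ([22, 41, 38, 19, 45, 30], [20, 60, 20, 20, 40, 20]),
}

def signature(frames, gaps_ms, pad_to=None, tick_ms=None):
    """What an on-path observer records for one encrypted flow."""
    if pad_to is not None and max(frames) > pad_to:
        raise ValueError("pad_to is smaller than the largest frame")
    # Encryption hides content but not length, unless every frame is padded.
    sizes = tuple((pad_to if pad_to is not None else f) + OVERHEAD for f in frames)
    # Sending on a fixed clock replaces the speech-dependent gaps.
    gaps = tuple(tick_ms if tick_ms is not None else g for g in gaps_ms)
    return sizes, gaps

def leak_report(calls, pad_to=None, tick_ms=None):
    """Return (distinguishable flows, bytes sent relative to the undefended case)."""
    sigs = [signature(f, g, pad_to, tick_ms) for f, g in calls.values()]
    sent = sum(sum(sizes) for sizes, _ in sigs)
    base = sum(sum(f) + OVERHEAD * len(f) for f, _ in calls.values())
    return len(set(sigs)), sent / base
```

Padding alone or fixed timing alone still leaves two of the three sample flows distinguishable; only both together collapse them to one signature, at a bandwidth cost.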


Onion Routing

• Meant to handle issue of people knowing who you’re talking to

• Basic idea is to conceal sources and destinations

• By sending lots of crypto-protected packets between lots of places

• Each packet goes through multiple hops


A Little More Detail

• A group of nodes agree to be onion routers

• Users obtain crypto keys for those nodes

• Plan is that many users send many packets through the onion routers

– Concealing who’s really talking


Sending an Onion-Routed Packet

• Encrypt the packet using the destination’s key

• Wrap that with another packet to another router

– Encrypted with that router’s key

• Iterate a bunch of times
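
The wrapping steps above as an added, runnable sketch (not code from the lecture or from any onion routing system). It assumes each node shares a symmetric key with the sender, uses a toy SHA-256 keystream plus HMAC in place of a real cipher, and invents the node names and the length-prefixed next-hop format.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    # Toy stream cipher (SHA-256 in counter mode); stand-in for a real AEAD.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not sealed for this key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(message, path, keys):
    # path = [router, ..., router, destination]; innermost layer uses the destination's key.
    blob = seal(keys[path[-1]], message)
    for i in range(len(path) - 2, -1, -1):          # wrap outward, last router first
        nxt = path[i + 1].encode()
        blob = seal(keys[path[i]], bytes([len(nxt)]) + nxt + blob)
    return path[0], blob                            # (cleartext delivery header, body)

def peel(node, blob, keys):
    # A router removes its own layer and learns only the next hop.
    layer = unseal(keys[node], blob)
    n = layer[0]
    return layer[1:1 + n].decode(), layer[1 + n:]

def route(message, path, keys):
    hop, blob = build_onion(message, path, keys)
    learned = []                                    # (router, next hop it was told)
    while hop != path[-1]:
        nxt, blob = peel(hop, blob, keys)
        learned.append((hop, nxt))
        hop = nxt
    return learned, unseal(keys[path[-1]], blob)

# Constructed sample network: names and keys are made up for this example.
PATH = ["R1", "R2", "R3", "dest"]
KEYS = {name: os.urandom(32) for name in PATH}
```

Calling `route(b"...", PATH, KEYS)` returns what each router learned (only its successor) and the message as recovered by the destination.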


In Diagram Form

[Diagram: Source, Onion routers, Destination]


What’s Really in the Packet

An unencrypted header to allow delivery to


Delivering the Message


What’s Been Achieved?

• Nobody improper read the message

• Nobody knows who sent the message

– Except the receiver

• Nobody knows who received the message

– Except the sender

• Assuming you got it all right


Issues for Onion Routing

• Proper use of keys

• Traffic analysis

• Overheads

– Multiple hops

– Multiple encryptions


Tor

• The most popular onion routing system

• Widely available on the Internet

• Using some of the original onion routing software

– Significantly altered to handle various security problems

• Usable today, if you want to

• IETF is investigating standard for Tor


Why Hasn’t Tor Solved This Privacy Problem?

• First, the limitations of onion routing

• Plus usability issues

– Tor’s as good as it gets, but isn’t that easy to use

• Can’t help if a national government disapproves

– China and other nations have prohibited Tor’s use

• NSA (and others) keep attacking Tor’s privacy techniques


Can’t I Surreptitiously Run Tor?

• Can’t I get around government restrictions by just not telling them?

• No

– Tor routers must know each other’s identities

– Traffic behavior of Tor routers “glows in the dark”

– Tor developers keep trying


Conclusions

• We don’t have the privacy we used to have

• We use networks for almost everything

• Including moving our private data from place to place

• Cryptography can help protect its secrecy

• But sophisticated attacks can negate the value of crypto, to some extent

• Such sophisticated attacks require sophisticated defenses